[PULL,0/7] Usb 20210504 patches

Message ID 20210504085317.207369-1-kraxel@redhat.com (mailing list archive)
State New, archived

Pull-request

git://git.kraxel.org/qemu tags/usb-20210504-pull-request

Message

Gerd Hoffmann May 4, 2021, 8:53 a.m. UTC
The following changes since commit 15106f7dc3290ff3254611f265849a314a93eb0e:

  Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-hex-20210502' into staging (2021-05-02 16:23:05 +0100)

are available in the Git repository at:

  git://git.kraxel.org/qemu tags/usb-20210504-pull-request

for you to fetch changes up to 6d900b0752a72d1236a37dd31ff4a9e685e5ff56:

  usb: limit combined packets to 1 MiB (CVE-2021-3527) (2021-05-04 08:38:55 +0200)

----------------------------------------------------------------
usb: fix some memory allocation issues (CVE-2021-3527).
usb: add stubs, allow building without usb subsystem.

----------------------------------------------------------------

Gerd Hoffmann (5):
  usb/hid: avoid dynamic stack allocation
  usb/redir: avoid dynamic stack allocation (CVE-2021-3527)
  usb/mtp: avoid dynamic stack allocation
  usb/xhci: sanity check packet size (CVE-2021-3527)
  usb: limit combined packets to 1 MiB (CVE-2021-3527)

Philippe Mathieu-Daudé (2):
  hw/usb/host-stub: Remove unused header
  hw/usb: Do not build USB subsystem if not required

 hw/usb/combined-packet.c |  4 +++-
 hw/usb/dev-hid.c         |  2 +-
 hw/usb/dev-mtp.c         |  3 ++-
 hw/usb/dev-wacom.c       |  2 +-
 hw/usb/hcd-xhci.c        |  5 +++++
 hw/usb/host-stub.c       |  1 -
 hw/usb/redirect.c        |  6 +++---
 stubs/usb-dev-stub.c     | 25 +++++++++++++++++++++++++
 MAINTAINERS              |  1 +
 hw/usb/meson.build       |  9 +++------
 stubs/meson.build        |  1 +
 11 files changed, 45 insertions(+), 14 deletions(-)
 create mode 100644 stubs/usb-dev-stub.c

Comments

Gerd Hoffmann May 5, 2021, 1:05 p.m. UTC | #1
Hi,

>   usb/xhci: sanity check packet size (CVE-2021-3527)

Self-NACK, this patch is broken.
I'll respin the pull with this patch dropped.

take care,
  Gerd